Global Risk Management Survey

Similar documents
Global risk management survey, 10th edition

Deloitte Global Risk Management Survey, eighth edition Setting a higher bar Australian edition 2013

BANKUNITED, INC. CHARTER OF THE RISK COMMITTEE

RISK COMMITTEE CHARTER

Global risk management survey, ninth edition Operating in the new normal: Increased regulation and heightened expectations

Draft Guideline. Corporate Governance. Category: Sound Business and Financial Practices. I. Purpose and Scope of the Guideline. Date: November 2017

2016 Risk Practices Survey

TERMS OF REFERENCE OF THE BOARD RISK COMMITTEE OF THE BOARD OF DIRECTORS

Risk Review Committee

First look. A practical guide to the Federal Reserve s newly announced enhanced prudential standards. Perspectives on financial reform Issue 3

RISK COMMITTEE OF THE BOARD OF DIRECTORS OF THE TORONTO-DOMINION BANK CHARTER. ~ ~ Supervising the Management of Risk of the Bank ~ ~

Does ERM matter?* Enterprise risk management for the insurance industry

Corporate Governance Guideline

Why your board should take a fresh look at risk oversight: a practical guide for getting started

Senior Supervisors Group:

ERM and the new world of insurance regulation. Where insurers should focus now to find business value

2018 THE STATE OF RISK OVERSIGHT

Risk Review Committee Charter

2018 Report. July 2018

Heightened Expectations for Some a Message for All to Consider: The Evolution of the 3 Lines of Defense WHITE PAPER

Optimism for new investment strategies. proven value. Alternatives. The Alpha Game. Hedge Funds Step Up Operations to Capture New Growth

NOVEMBER 2, Federal Reserve Proposal Sets Out New Expectations for Boards of Directors

ERM Capability A Rating Agency s View. David N. Ingram, CERA Director Enterprise Risk Management, Financial Services Ratings Standard & Poor s

Analysis of Corporate Governance Disclosures in Annual Reports. Annual Reports

Survey of Credit Underwriting Practices 2010

COMMERCE BANCSHARES, INC. AUDIT AND RISK COMMITTEE CHARTER

Corporate Governance of Federally-Regulated Financial Institutions

THE NEW CORPORATE GOVERNANCE RULES FOR SIGNIFICANT FOREIGN BANKS OPERATING IN THE UNITED STATES

Northern Trust Corporation

Global tax management Japan research report. Global Tax Management. Japan Research Report. Tax Management Consulting Deloitte Tohmatsu Tax Co.

The Board and Risk Oversight: Increasing Transparency Through Proxy Disclosure

Basel II Pillar II Practice Study The World Bank By Ana María Avilés

Dodd-Frank Act Stress Test 2017 Public Disclosure

Supervisors Key Roles as Banks Implement Expected Credit Loss Provisioning

RISK OVERSIGHT COMMITTEE CHARTER

OF RISK AND CAPITAL FOR BANKS USING ADVANCED SYSTEMS

Dragonfly, LLC New York, USA

ERM Benchmark Survey Report A report on PACICC's third ERM benchmarking survey

Portfolio of dfv Maleki Group FRANKFURT meets DAVOS Frankfurt Finance Summit EURO FINANCE WEEK EURO FINANCE magazine EURO FINANCE Weekly

ERM Benchmark Survey Report

Global Enterprise Risk Management in Insurance

Governance & Development: Views from G20 Countries

Harmonizing Risk Appetites within a Stress Testing Framework. April 2013

Key risks and mitigations

Northern Trust Corporation

Review of the Federal Financial Sector Framework Finance Canada

U.S. Treasury Report Proposes Changes to the Financial Regulatory System

2013 AFP Risk Survey. lllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll

CITIGROUP INC. RISK MANAGEMENT COMMITTEE CHARTER As of January 18, 2018

MENA-OECD WORKING GROUP ON CORPORATE GOVERNANCE

Cover title 26/29 Risk appetite gains momentum 45 light white in a changing world

CAPITAL ONE FINANCIAL CORPORATION CHARTER OF THE RISK COMMITTEE OF THE BOARD OF DIRECTORS

Solvency II Insights for North American Insurers. CAS Centennial Meeting Damon Paisley Bill VonSeggern November 10, 2014

Banking reform in Britain

Financial Stability Institute

Statement by Andrew Crockett Chairman of the Financial Stability Forum International Monetary and Financial Committee Meeting

MARCH 5, Federal Reserve Proposes Enhanced Risk Management Expectations for Large Financial Institutions

GUIDELINES FOR THE INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS FOR LICENSEES

Audit Committee Charter

ERM/ORSA Training Thai General Insurance Association (TGIA)

Working through Risk Appetite

The Federal Reserve Board s Final Dodd-Frank Systemic Prudential Regulations for Domestic Banks

Where do we go from here?

British Columbia Lottery Corporation Board Manual Tab 8 TERMS OF REFERENCE: AUDIT COMMITTEE

2017 Investor Pulse. Switzerland MKTG0817E

The Basel Core Principles for Effective Banking Supervision & The Basel Capital Accords

PRIVATE REAL ESTATE FUND SERVICES 2016 A special supplement to PERE magazine

Corporate Governance Code for Credit Institutions and Insurance Undertakings 2013

Valley National Bancorp Annual Dodd-Frank Act Stress Test Disclosure

Focus on Opportunity. Regulatory Administration and Compliance Support Services For Hedge Funds and Private Equity Funds

There shall be an in camera session at each quarterly Committee meeting with only independent directors present.

Regulatory Practice Letter December 2013 RPL 13-20

Eric Schwartz, FSA, MAAA Vice President & Life Valuation Actuary Gen Re Stamford, CT

Figure 1 Technology Companies Reporting a Car Allowance Policy for Sales Employees

INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS GUIDELINE. Nepal Rastra Bank Bank Supervision Department. August 2012 (updated July 2013)

Fiduciary Risk Range of Practice - April 2012

Talent and accountability incentives governance Risk appetite and risk responsibilities

Communiqué of G-7 Finance Ministers and Central Bank Governors February 20, 1999 Petersberg, Bonn

A Global Enterprise Risk Management Qualification Progress report to the Presidents Forum. Harry Panjer, Canada Fred Rowley, Australia 13 June 2008

Article from: Risks & Rewards. August 2014 Issue 64

Enterprise risk management: How are companies gaining value from their ERM strategies?

(1) At April 11, Group Structure

The Federal Reserve s proposed rule for enhanced prudential standards: what it means to insurers and what they should do now

Enhanced Prudential Standards for Bank Holding Companies and Foreign Banking. AGENCY: Board of Governors of the Federal Reserve System (Board).

CHARTER OF THE RISK AND COMPLIANCE JOINT COMMITTEE OF THE BOARDS OF DIRECTORS OF FIFTH THIRD BANCORP AND FIFTH THIRD BANK

Comptroller of the Currency Administrator of National Banks SURVEY OF CREDIT UNDERWRITING PRACTICES 2000

MULTI-YEAR EXPERT MEETING ON SERVICES, DEVELOPMENT AND TRADE: THE REGULATORY AND INSTITUTIONAL DIMENSION

2012 RISK APPETITE SURVEY ACTUARIES INSTITUTE

EVINE LIVE INC. AUDIT COMMITTEE CHARTER

Ben S Bernanke: Modern risk management and banking supervision

The OCC FinTech Charter: A New Model For Tech-Enabled Financial Services? New York City February 21, 2017

Working Capital Strategies to Drive Shareholder Value

Board Risk & Compliance Committee Charter

Financial Services. Fair Value Pricing Survey Results

10 minutes on... Executive remuneration trends staying out of the strike zone

Corporate Governance of the Largest US Public Companies General Governance Practices

Enterprise Risk Management & the Actuarial Profession in General Insurance

The Rating Agency View of Capital Modelling. Simon Harris Team Managing Director European Insurance

April 30, Dear Mr. Frierson,

STRATEGIES TO MANAGE RISK

Transcription:

Global Risk Management Survey Edward Hida Partner Global Risk & Capital Management Leader Deloitte US We are pleased to share with you a selection of key insights explored in Deloitte s Global Risk Management Survey, 10 th edition. In this feature, we focus on the evolution of risk management, the role of the CRO, and board risk committees for discussion. Help us choose our Top 10 Topics for 2018 www.deloitte.com/lu/insiderisk2018k Printed with permission of Deloitte US

T crisis have seen a wave of regulatory change that increased both the scope and the stringency of regulatory have now had more time to understand the practical implications of these new regulations and what is required to comply. Today, risk management is becoming confront a variety of trends that have introduced greater uncertainty than before as regards the future direction of the business and regulatory environment. Economic conditions in many countries continue to be weak, with historically low interest rates. The continual increase in regulatory requirements may abate or even be reversed in the near term as President Trump, the US Congress, and others have questioned whether regulatory oversight has gone too far. Strategic risk is increasing as entrepreneurial FinTech players are sectors. The rapidly changing environment suggests that risk management programs may need to increase their ability to regulatory and business developments and to emerging risks, for example, by employing predictive analytics tools. Deloitte s Global Risk Management Survey assesses the industry s risk management practices and the challenges it faces in this turbulent period. The 10 th survey was conducted in the second half of 2016 after the Brexit vote in the United Kingdom but before the US presidential election services institutions around the world that sections and have aggregate assets of US$13.6 trillion. The evolution of Risk Management Over the 20 years that Deloitte has been conducting its global risk management industry has become more complex, with the introduction of new products and services. At the same time, regulatory requirements and expectations for risk management have broadened to cover a wider range of issues and also become more stringent, especially in Deloitte s survey series has assessed how institutions have responded to these developments, the substantial progress that has occurred in the maturity of risk management programs, and their challenges. In general, over this period, risk management programs have become almost universally adopted, and now programs have expanded capabilities. Boards of directors are more involved in risk management and more institutions employ someone in a senior-level CRO position. The following are some of the key areas where the survey series has documented increasing maturity in risk management programs. More active board oversight In 2016, 93 percent of respondents said their board of directors reviews and approves the overall risk management policy or ERM framework, an increase from 81 percent in 2012. More use of board risk committees It is a regulatory expectation that boards of directors establish a risk committee with primary responsibility for risk oversight. The use of a board risk committee has become more widespread, although there is clearly room for further adoption (Figure 1). Figure 1: Percentage of institutions risk management at the level of the board of directors with a board risk committee 2012 2014 2016 Source: GMRS survey 10 th edition 43% 51% 63% The rapidly changing environment suggests that risk management programs may need to increase their ability to anticipate and regulatory and business developments and to emerging risks, for example, by employing predictive analytics tools.

Over the years, there has been a continual increase in the percentage of institutions with a CRO position or equivalent. As of 2016, the position has become almost universal (Figure 2). At the same time, the CRO is now a more senior-level position reporting to higher levels of the organization. Similarly, the CRO more often directly reports to the board of directors at 52 percent of institutions in 2016, up from 32 percent in 2002. Furthermore, 77 percent of institutions reported that the CRO is a member of the executive management committee, an increase from 58 percent in 2010. Wider set of responsibilities Over time, the CRO and the independent risk management program have been given a wider set of responsibilities at many institutions. For example, in 2016, 92 percent of respondents said that one of the responsibilities of the CRO was to assist in developing and documenting the enterprise-level risk appetite statement, compared with 72 percent in 2008. Similarly, 76 percent said that the CRO was responsible for assessing capital adequacy, while this was the case at 54 percent of the institutions in 2006. Widespread adoption of an ERM program The adoption of ERM programs has more than doubled, from 35 percent in 2006 to 73 percent in 2016 (Figure 3). The implementation of ERM programs moved upward in 2010, which was likely in on enhancing risk management. While there has been considerable progress in the continued development and maturation of risk management programs, there remains considerable work to do. Figure 2: Percentage of institutions 2002 2004 2006 2008 65% 81% 84% 73% Figure 3: Percentage of institutions with an ERM program in place 2006 2008 35% 36% The survey found that the trend toward independent directors on board risk committees has become pronounced. 2010 86% 2010 52% 2012 89% 2012 62% 2014 92% 2014 69% 2016 92% 2016 73% Source: GMRS survey 10 th edition

Board Risk Committees Placing oversight responsibility for risk management with a board risk committee is a general regulatory expectation and has come to be seen as a leading practice. The Basel Committee issued guidance in 2010 that stressed the importance of a board-level risk committee, especially for large banks and internationally active banks, and revised guidance in 2015 specifying the appropriate role of the risk committee.1 Similarly, the enhanced prudential standards (EPS) issued by the Federal Reserve establish certain requirements for US banks to have a risk committee of the board of directors, with some requirements phased in based on the size of the institution. Sixty-three percent of institutions reported that they have a risk committee of the board of directors with primary responsibility for risk oversight, up from 51 percent in 2014. As a result of the ascendance of the board risk committee, only 16 percent said the full board has primary responsibility, down from 23 percent in the prior survey. Placing primary responsibility in a board risk committee is much more common in the United States and Canada (89 percent) than in Europe (65 percent), (63 percent). This may be a response to the requirements of the Federal Comptroller of the Currency's (OCC) heightened standards regarding board risk committees. A prominent role for board risk committees is more common at banks (74 percent compared to 56 percent in 2014), although it also rose at investment 44 percent) and insurers (61 percent up from 49 percent). As noted, there has been a trend for institutions include independent directors on their board risk committees. The Federal Reserve s EPS requires that the risk committee include at least one independent director, while the US OCC regulations increased the required number to two independent directors. The survey found that the trend toward independent directors on board risk committees has become pronounced. that their board risk committee includes two or more independent directors (as well as other directors), while 36 percent said it is composed entirely of independent directors (Figure 4). Composed entirely of independent directors 36% 45% 5% 13% Note: Percentages may not total due to rounding Source: GMRS survey 10th edition Contains two or more independent directors (as well as other directors) Contains one independent director Does not contain any independent directors 1. Basel Committee on Banking Supervision, Principles for enhancing corporate governance, October 2010, http:// www.bis.org/

Having the risk committee chaired by an independent director and having the participation of a risk management expert are becoming regulatory expectations for larger institutions. Many institutions independent directors as members of their risk committee, or even for their risk committee to be chaired by an independent director, than to secure management expert. Seventy-two percent of institutions reported that their board risk committee is chaired by an independent director, while 67 percent have a risk management expert on their committee. expert is most common in the United States and Canada (78 percent), Asia (86 percent), whereas it is less common in Europe (52 percent). One reason for the lower prevalence in Europe is that European regulations contain a more general requirement that risk committee members...shall have appropriate knowledge, skills, and expertise to fully understand and monitor the risk strategy and the risk appetite of the institution. 2 Having an independent risk management function headed by a CRO is a regulatory expectation. The Basel Committee guidance on governance recommends that large banks and internationally active banks have a risk management function authority, stature, independence, resources, and access to the board. 3 2. and of the Council, Article 76, 26 June 2013, http://eur-lex.europa.eu/lexuriserv/lexuriserv. do?uri=oj:l:2013:176:0338:0436:en: PDF. 3. Basel Committee on Banking Supervision, Principles for enhancing corporate governance. Adoption of a CRO position is almost universal, with 92 percent of institutions reporting that they have a CRO or equivalent position. The CRO position is more common at institutions in the United States/Canada (89 percent) and Europe (92 Latin America (63 percent).

regulatory expectation, for the CRO to report directly to the board of directors as well as to the CEO, but this is not the case at many institutions. The CRO reports to the board of directors at 52 percent of the institutions surveyed, up slightly from 48 percent in 2014. Further, the CRO reports to the CEO at 75 percent of institutions, meaning that at one quarter of the institutions the CRO does not report to the most senior management executive in the organization. It appears that many institutions have more work to do to improve the reporting structure for their CRO. it is easier to have independent directors as members of their risk committee, or even for their risk committee to be chaired by an independent director, than to secure management expert. At 90 percent of surveyed institutions, the CRO regularly meets with the board of directors or board committees responsible for risk management, although fewer (53 percent) reported that their CRO meets in executive sessions with the board. with the board of directors or the board risk committee without the CEO or other members of senior management present can provide the board with an opportunity to receive a frank assessment of the state of the risk management program and the It is a leading practice for the CRO to be the most senior management position responsible for the risk management program, but the CRO does not universally have this role. Only 48 percent of institutions reported that the CRO or equivalent is the highest level of management responsible for the risk management program, similar to the percentage in 2014. Other common responses were the CEO (27 percent), the executive-level risk committee (16 percent), or the CFO (4 percent). Assigning primary responsibility for risk management to the CRO is more common among institutions in the United States and Canada (78 percent) percent), or Latin America (25 percent). Institutions assign a broad range independent risk management group headed by the CRO. Many oversight activities were nearly universal, including developing and implementing the risk management framework, methodologies, standards, policies, and limits (94 percent), identifying new and emerging risks (94 percent), and developing risk information reporting mechanisms (94 percent). However, a number of other important oversight activities are in place at no more than two-thirds of institutions, including providing input on business strategy development and the periodic assessment of the plan (65 percent) and participating in day-to-day business decisions that management considerations need to be infused into both strategy and business decisions so that risk implications can be assessed, and more progress still needs to be made in these areas. Another area that a relatively low percentage of respondents said was a responsibility of the risk management program was approving new business or products (58 percent). This may be partly explained by the fact that relatively few new products are being introduced in the current economic and regulatory environment. Finally, regulators and industry leaders have devoted considerable attention to the role that incentive compensation and culture play in risk management, yet the activity of reviewing the compensation plan to assess its impact on the risk a responsibility by just 54 percent of respondents. This was more often a risk management responsibility at institutions in the United States and Canada (75 percent) and Europe (62 percent) than in (43 percent). Conclusion With the future direction of risk management more uncertain than it has been for years, perhaps the most important lesson is that many risk management programs should become nimbler. In the coming years, risk management programs should focus not only on being on acquiring the agility to respond risk management.

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback